10 Best Practices for Sharing Sensitive Information with Vendors

Don't Provide More Info than Necessary

Don't provide vendors with more information about proprietary products or information than they need. In other words, make sure you're properly addressing the risk involved with your supply chain. Let's say your organization is designing a really sensitive smartphone, and you decide to work with a vendor who can supply you with specialized screens. That particular vendor does not need access to all of your sensitive phone design information and data — they just need the specifications that will help them successfully create the phone screen. It cannot be overstated how important it is to protect your most sensitive data and information.

Deloitte published a report recently, noting that "the market is currently underinvested in the area of vendor management, particularly when it comes to tools, methods and processes." This same report also noted that businesses are increasingly outsourcing functions. As vendors have become more important in the day-to-day functioning of businesses, companies need to ensure that their data is safe on these third-party networks.

For organizations that are just getting started with a formalized vendor risk management (VRM) program, BitSight Technologies has prepared a list of the do's and don'ts of sharing sensitive information with vendors.

To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution. ... More >>

Advertiser Disclosure:
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.